Remix.run Logo
Remix clone Hacker News
new | show | ask | jobsGithub
CursedSilicon 3 days ago

They probably use L2TP with IPsec to get Layer 2 transit. Doing that over Wireguard would require Gretep or something similar

smashed 3 days ago | parent | next [-]

Not sure they are using l2 transit.

They are using BGP and routing nodes (backbones), recreating a mini IP (layer 3) network I think.

I've used raw wireguard in a p2p fashion to interconnect LANs. I run wireguard on each segment directly inside the network routers.

Just make sure all LANs are using a different subnet. A /24 is standard. Then configure all the peers and you get a fully peer to peer network. No relays. You only need one side of every peer "pair" to be reachable from the internet.

I do have a small management script to help peer discovery (dynamic IPs) and key exchange, but it's not strictly required. With a dozen nodes or so, it's maintainable manually. Wireguard supports roaming natively, as long as one peer can reach the other.

Very little overhead. ICMP, TCP and UDP support.

icedchai 3 days ago | parent | next [-]

I have my own Wireguard mesh network between my home network and a couple of VPSes. I configured it all manually, too. I'm basically running a virtual public network and have it routing a /24 (BGP announced at the VPSes) back to my home.

immibis 2 days ago | parent [-]

How did you get a public /24?!

icedchai 2 days ago | parent [-]

I was an early Internet user (early 90's.) They gave them out to anyone who asked back then.

bevr1337 2 days ago | parent [-]

A little morbid, but have you considered setting up a beneficiary for the allocation or detailing this asset in a will? That's some special, virtual real estate you have there.

icedchai a day ago | parent [-]

I’m hoping IPv4 is obsolete by that time. That’s a good idea though.

mdickers47 2 days ago | parent | prev [-]

That is correct. IPSec sucks but we have already paid the price of being forced to figure it out in big organizations, so, not much motivation to figure out another thing.

ericdiao 3 days ago | parent | prev [-]

Oh this make sense. For LAN, one definitely want L2. Totally overlooked the objective.

x2tyfi 3 days ago | parent [-]

Why though?

The only use case I can imagine is a legacy game which performs a server search by broadcasting/scanning the local network. And even then - most of the time these games had server browsers.

lmm 2 days ago | parent [-]

Some classic games use IPX for multiplayer, so you can't play them over an IP VPN.